 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
On Fri, Aug 03, 2001 at 02:20:51PM -0400, Duane Morin wrote: > > After all, what constitutes a "server" if you really want to get > technical? I want to connect to my home machine from work, so I run an > ssh daemon. Am I now an ssh server? I'm the only client, so it's not > like I've got a dozen people sharing the line or something. That's one way to look at it. And in all likelihood, your ISP won't notice and won't care. But there is another way to look at it which is increasingly getting the attention of ISPs. What is a server? It's an open, listening port on a machine on their network which can AND WILL be scanned for by attackers, and which WILL be attacked, if the attacker knows an exploit for that service. Guaranteed. And if your version of the service is vulnerable, your machine will be compromised and subsequently used as a base to attack other machines. In the vast majority of cases, this scanning and attacking is done via automation, so if you're in the block the attacker is interested in, you will NOT be overlooked. Once your machine is compromised and has begun attacking other machines on the Internet, someone will notice, and will complain to your ISP. They will likely give you ONE chance to clean up the problem. Several people on either this list or on GNHLUG can tell you first hand that you will not be given a second chance to fix the problem... If you don't do it right after the first notification, your service will be terminated, permanently. Based on what I have seen and heard from other Cable users, I think this is the biggest threat to the termination of your service. So if you really want to run your own services, my advice to you would be to first spend some time (if you haven't already) learning how to keep your machine secured against intruders. And be vigilant. -- --------------------------------------------------- Derek Martin | Unix/Linux geek ddm at pizzashack.org | GnuPG Key ID: 0x81CFE75D Retrieve my public key at http://pgp.mit.edu - Subcription/unsubscription/info requests: send e-mail with "subscribe", "unsubscribe", or "info" on the first line of the message body to discuss-request at blu.org (Subject line is ignored).
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
